Our temporary foreign work visas have turned into “spy visas”?

Politico says Silicon Valley is swarming with non-traditional spies, especially from China but also from other countries. Most are apparently working at tech companies in Silicon Valley and San Francisco.

It’s as if our program of recruiting hundreds of thousands of temporary tech workers from other countries (almost entirely from India and China) has turned into a self-inflicted spying and IP theft operation. Who could have seen that coming?

Chinese officials bussed in 6,000-8,000 J-Visa holding students—threatening them with the loss of Chinese government funding

….

Chinese intelligence has long focused on surveilling, and attempting to control, Chinese nationals studying abroad. One well-documented mechanism for this effort has been the use of Chinese Students and Scholars Associations groups on university campuses.

Source: How Silicon Valley Became a Den of Spies – POLITICO Magazine

FDA hit with one quarter million fake comments to proposed rules

More than a quarter million comments submitted to the Food and Drug Administration about flavored vapor products were fake, according to a watchdog group.

Source: FDA hit with bot-generated wave of fake comments on flavored vapor products

About one half million comments were filed, of which 255,000 have already been evaluated as fake; an additional 200,000 are also thought to be fake.

Fake news, fake reviews, fake social media propaganda, fake public comments – this isn’t the great Internet world of the future we were promised 🙁

Data mining enables many companies to discern your health conditions

Data brokers compile health and frailty profiles that have wide-ranging applications for drug companies, advertisers, insurers and other buyers.

Source: How bits of captured data paint a stealth portrait of your health

They do not need access to your protected[1] health care records. Instead, companies are data mining your credit card purchases, your public social media, your online purchase habits and a host of other data points to guess at your health situation and assign you a “health score”.

This secret health score could be used by insurance companies to change your life insurance premiums, or by a prospective employer to deny you a job because your health score is not good enough for them.

You have no idea what data they have collected and analyzed, nor what score they have assigned to you. The data itself is often incorrect (as I recently found) and their assumptions about you are often wrong too. But there is no way to correct their secret health score.

“Open office” floor plans decrease interaction, may lower productivity

Many companies have moved from individual offices or cubicles to open floor spaces, removing doors and presumed barriers to interaction.

A study that tracked workers before and after conversion to open offices found that open offices dramatically reduced employee face-to-face interaction in favor of instant messaging and email. The latter, however, have been shown to reduce productivity.

Bottom line: open office layouts are failing to achieve improved interaction – and are actually making interaction worse.

 

Continued: Venmo lies about their priority of privacy

Venmo declined to say why it makes full public disclosure the default setting, but a company spokesperson told CNNMoney that “the safety and privacy of Venmo users and their information is one of our highest priorities.”

Source: A researcher studied a year of public Venmo transactions. Here’s what she learned

That’s a lie, as I showed 5 weeks ago:

Someone entered my email address for their account at Venmo. Months ago. Apparently Venmo NEVER VERIFIED the email address. Consequently, I receive their emailed financial transaction correspondence – for several months. Guess their customer never noticed they were not receiving emails? (Or is Google broken and one email address is being delivered to different people? Anything is possible!)

I successfully changed the password on a Venmo account that was not mine.

Never, ever use Venmo for transactions if you care even the slightest about keeping your transactions private.

Microsoft urges regulation of face-recognizing tech

  • When face recognition is used to gain access to a secure location or function, what happens when one’s likeness is stolen and reproduced?
  • What happens when the local police monitor all political rallies and use facial recognition to identify each individual in attendance?
  • What if businesses scan your face upon entry and dynamically change prices based on their estimates of your income and wealth?

Microsoft’s chief legal officer on Friday called for regulation of facial recognition technology due to the risk to privacy and human rights.

Source: Microsoft urges regulation of face-recognizing tech

Really glad to see Microsoft addressing these issues and working to take privacy seriously as a competitive alternative to Facebook and Google.

Disclosure: I am a former Microsoft employee.

Ham radio emergency communications influenced Jack Kilby, inventor of the integrated circuit

When a blizzard knocked out lines and plunged his father’s customers into darkness in 1937, young Jack watched as his dad enlisted local hams to coordinate repairs. That so much could be accomplished so quickly by the amateur radio operators left an impression on Jack, and electronics became another passion for him.

Source: Profiles in Science: Jack Kilby and the Integrated Circuit | Hackaday

#Google’s #Android was developed first and foremost as a spying tool, may be sanctioned by the European Union

For Google, the consequences could prove vast. Packaging tools like search, and including them on Android devices, offers the company a way to capture data about users — and show them more ads. Eliminating that pathway for profits and insight could prompt Google to rethink the entire ecosystem for Android, which it licenses to device makers free in a bid to ensure its wide-scale adoption while warding off such competitors as Apple.

Source: Google could face record European Union antitrust fine for Android – The Washington Post

A long time ago I recognized that Android is an invasive surveillance system. You see this in that to use GPS for any app, you are required to disclose your location directly to Google too. Google uses machines to monitor your location, to read your email, take notes and analyze your correspondence, including purchases and financial transactions that result in emailed receipts to you. Google’s Chrome is free because its main purpose is to track your every web page visit across the web as part of the Google surveillance network.

Google’s system, however, is also prone to erroneous conclusions and assumptions about us. I frequently receive email intended for someone else but Google does not know that and the content of that email is integrated into their (false) dossier on me. Today, one of California’s largest health systems emailed to my GMail account a 101 page detailed medical history of a patient, clearly violating HIPAA. First, in 2018, how is this even possible to email a medical record with no security? Second, Google’s artificial intelligence without question read this record and deduced aspects of my health – even though this record has nothing to do with my own health. Google’s AI won’t know that however because the patient has the same name as me.

Bottom line: Google’s “free” Android, Chrome, Gmail and other services are designed specifically as surveillance tools to gather as much information as possible about each and every one of us for the purpose of marketing something to us. When we think of marketing, we usually think of products or perhaps services. But oftentimes, the goal is to market ideas – and effectively this becomes a mechanism for highly focused propaganda messaging encouraging us to adopt someone else’s agenda.

How your phone is used to track you as you move through a store

Ultrasound “beacons” are set up in various locations such as within stores. Apps that run on smart phones are constantly listening for ultrasound beacons (which are emitted above the audible range so we cannot hear them). Each beacon can encode a unique ID to be used to determine proximity to a specific location.

In some cases, ultrasound or other types of audible signals can be embedded in television or audio programming and apps can detect what you are listening to.

Two studies have examined the deployment and implications of ultrasonic beacons. Arp et al. measured the prevalence of ultrasonic beacons in the wild, and found them deployed on websites and in stores. Furthermore, they found 234 apps in the Google Play Store that were constantly, passively monitoring for these beacons, in order to track users’ online and offline browsing behaviors [28]. Mavroudis et al. consider various attacks against users that leverage ultrasonic beacons, including de-anonymizing Tor users [59].

Source (academic paper): Panoptispy: Characterizing Audio and Video Exfiltration from Android Applications

Numerous apps are using access to the array of environmental sensors (including cameras, microphones and more) to assess the environment in which the phone is being carried.

Many #quadcopter #FPV television video transmitters are not legal #drones

Anyone who has looked anywhere online – Youtube videos or just perusing online stores for model aircraft parts – has seen devices for sending video signals from a model aircraft.

Most of the ones I see are not legal and do not comply with FCC rules in the U.S.

Many, if not most, of the devices that advertise “500mw” or “800mw” or “1200mw” and so on, are not legal devices, as used by most FPV flyers.

You have two options to legally add video or telemetry signals to your quadcopter.

  1. Use a Part 15 “unlicensed” device that complies with FCC rules. Up to 1 watt is permitted for spread spectrum (Wi-Fi) devices only; much lower limits apply to analog TV transmitters as used by many FPV video links.
  2. Use a device intended for use by a licensed Amateur Radio operator. When used for model aircraft control, FCC rules restrict the transmitter link to 1 watt (any mode including analog TV is fine).

Within Part 15 there are two classes of devices of interest:

  1. Spread spectrum, permitted up to a maximum of 1 watt power out.
  2. Non spread spectrum, which may be limited to as little as 1 milliwatt power out.

Part 15 Rules

The Federal Communications Commission (FCC) establishes rules for use of the radio spectrum.

Title 47 of the Code of Federal Regulations, Part 15, specifies allowable limits for low power devices, unintentional and intentional RF emitters and other operations.

For a Part 15 (no license required) device, the 1 watt limit refers to spread spectrum devices like Wi-Fi operating in specific bands allocated for Part 15 usage. Some quadcopters send video over Wi-Fi and can legally transmit up to 1 watt. When the Tx is connected to a “gain” antenna, the power is to be reduced in proportion to the antenna gain figure (about 1 dB less power for each 1 dB of antenna gain in excess of 6 dB antenna gain).

Many of the FPV TV transmitters are running analog TV signals (not spread spectrum) and are restricted to vastly lower power limits. Most of the analog devices sold exceed legal limits. Some even operate outside the Part 15 bands, which is clearly against Federal rules. The FCC has proposed a $2.8 million fine to Hobby King for selling numerous devices that violate FCC rules and regulations.

Most Part 15 devices operate (like Wi-Fi) in the 2.4 GHz band, or the 5 GHz “Unlicensed National Information Infrastructure” bands. Some telemetry data devices used by model aircraft enthusiasts operate in the 902-928 MHz Part 15 band.

433 MHz

A frequency near 433 MHz is allocated for low power unlicensed operations in Europe. This frequency is NOT LEGAL to use anywhere in the United States, where it is allocated to the Amateur Radio Service. There are numerous devices on 433 MHz now being sold in the U.S. for remote control functions that are not legal in the U.S.

Part 97 Amateur Radio

The second 1 watt power limit applies to Amateur Radio operators. If you have an amateur radio license you can legally run up to 1 watt (any mode of operation) specifically for the control of model aircraft. This is spelled out in FCC Part 97.215.

While ham radio operators may operate up to 1,500 W PEP, the actual wattage level depends on the license class, the band in use, the geographic location, and the purpose (97.215 limits power output for telecommand of model aircraft).

If you have a ham radio license you can run up to 1 watt for the purpose of remote control – without having to provide standard station identification and providing remote control of the transmitter (say to turn a video transmitter on the aircraft on and off remotely).

An amateur radio operator could run more than 1 watt for remote operations provided station identification is used and there is a way to control the transmitter remotely.

Amateur Radio operators have access to many radio bands that may be used for remote control links, such as the 420-450 MHz band. The 902-928 and 2390-2450 bands overlap with Part 15 bands (these bands are co-allocated to multiple radio services). Amateur radio operators also have access to 5650-5925 MHz, which partially overlaps with Part 15 allocations at 5150-5350 and 5470-5825 GHz. Some (but not all) Part 15 5 GHz devices might be able to be configured for use as Amateur Radio devices.

Summary

Most of the Wi-Fi devices are probably okay.

Many, maybe most, of the analog TV transmitters violate FCC rules. There are tons of such devices advertised online.

If you have a ham radio license (I do), you can legally run these analog transmitters up to 1 watt. Thus you can purchase one of the “not legal Part 15” FPV transmitters and use it, if you have a ham radio license.

My interpretation is that hams can run more than 1 watt provided you use normal station callsign identification on the link and you can remotely control the transmitter on and off.

Hope that helps.